Mobile devices are critical in today’s connected business world. Yet, very few companies have visibility into mobile platforms to identify cyberattacks, vulnerabilities and unknown threats targeting their customers’ personal data and confidential business information. Softbank gets it. As the third largest public company in Japan, SoftBank is a Japanese multinational […]
Background By:Simone Margaritelli c Follow Simone Margaritelli (@evilsocket) Zimperium zLabs Follow Zimperium zLabs (@zLabsProeject) During the last weeks we’ve been investigating multiple aspects of GSM security such as protocol vulnerabilities as well as source auditing the world’s most common open source software products that run GSM networks. In this post we’ll […]
‘Quadrooter’ is a group of four vulnerabilities affecting specific Android devices leveraging the Qualcomm chipset and associated driver code. These four vulnerabilities are a small part of the 36 vulnerabilities reported from the same class of bug (privilege escalation) for the same vendor (Qualcomm) that were fixed as part of […]
For the past two weeks, full-grown adults, college students and children have all been roaming around the country in search of Pokémon (gotta catch ’em all, right?). This augmented reality mobile phenomenon has removed people from their home and encouraged them to explore their neighborhoods, but catching them all has […]
By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck)Nikias Bassen Follow Nikias Bassen (@pimskeks) Following our discovery of vulnerabilities in the Stagefright library in April, Zimperium Mobile Threat Protection, zLabs VP of Research Joshua J. Drake continued researching media processing in Android. His continued research, which focused on remote […]
Earlier this week, Zimperium (@ZIMPERIUM), the leader in mobile threat protection, unveiled a major vulnerability in Android – Stagefright. Joshua Drake (@jduck), VP of Platform Research and Exploitation and a senior member of Zimperium zLabs, proactively studied the code. According to a few firms, other people have identified vulnerabilities in […]
By Zuk About 5 years ago, when smartphone usage exploded, Zimperium built zANTI as an easy to use mobile pentesting tool. As zANTI proved successful in exposing a wide range of vulnerabilities, our customers requested that we develop a way to protect their employees against these risks and the rest is history. […]
Is the Apple Watch secure? While everyone is tuned in to WWDC 2015, waiting for the latest moves and releases from San Francisco, there are those of us whose first reaction is to see, and sometimes find, the potential security vulnerabilities that come with each new iOS and gadget. The […]
EDIT: The following post * was not on a rooted or jailbroken device *. In order to access the plain-text secret-chat database containing the messages, we used our implementation of CVE-2014-3153. The claims that the device is rooted / jailbroken are incorrect and misleading. I will start by quoting CryptoFail […]
By: Zuk Avraham and Rachel Ackerly Is Google abandoning their customers? A recent policy change at Google to stop producing security updates for Android 4.3 or older could jeopardize roughly 930 million Android users. This translates into about 60% of all Android users, many who would never realize they were […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox